---
# tasklist for setting up bodhi/masher (requires bodhi/base)
# This is the base set of files needed for bodhi/masher

- name: add ftpsync group
  group: name=ftpsync gid=263 system=yes state=present

- name: add ftpsync user
  user: name=ftpsync uid=263 group=ftpsync createhome=yes system=yes state=present

- name: add the ftpsync update-fullfilelist script
  copy: src=update-fullfilelist dest=/usr/local/bin/update-fullfilelist owner=ftpsync group=ftpsync mode=555

- name: add masher group
  group: name=masher gid=751 system=yes state=present

# masher user 751
- name: add masher user as 751 - and group
  user: name=masher uid=751 group=masher home=/home/masher groups=mock,ftpsync

- name: install needed packages
  yum: pkg={{ item }} state=present
  with_items:
  - python-fedora-turbogears
  tags:
  - packages

- name: install bodhi-masher /etc/httpd/conf.d/bodhi.conf file
  copy: >
    src="bodhi-masher.conf"
    dest="/etc/httpd/conf.d/bodhi.conf"
    owner=root
    group=root
    mode=0644
  notify:
  - reload httpd
  tags:
  - config

- name: change owner and group attributes of bodhi.pem file
  file: >
    path="/etc/pki/bodhi/bodhi.pem"
    owner=masher
    group=masher
  when: inventory_hostname.startswith('bodhi-backend')
  tags:
  - config

- name: change owner and group attributes of /var/log/bodhi directory
  file: path=/var/log/bodhi owner=masher group=masher
  when: inventory_hostname.startswith('bodhi-backend')
  tags:
  - config
  
- name: setup /etc/bodhi/mash.conf file...
  template: >
    src=mash.conf
    dest=/etc/bodhi/mash.conf
    owner=masher
    group=masher
    mode=0640
  tags:
  - config

- name: change type part of SELinux file context
  file: >
    dest=/var/tmp/bodhi/comps/
    setype=httpd_sys_script_rw_t
    state=directory
    recurse=yes
  tags:
  - config

- name: change owner attribute of /var/tmp/bodhi-bz.cookie file
  file: >
    path=/var/tmp/bodhi-bz.cookie 
    owner=masher 
  tags:
  - config

- name: install /etc/bodhi/*.mash files
  copy: >
    src="{{ item }}"
    dest="/etc/bodhi/{{ item }}"
    owner=masher
    mode=0640
  with_items:
  - f20-updates.mash
  - f20-updates-testing.mash
  - f21-updates.mash
  - f21-updates-testing.mash
  - f22-updates.mash
  - f22-updates-testing.mash
  - el6-epel.mash
  - el6-epel-testing.mash
  - epel7.mash
  - epel7-testing.mash
  tags:
  - config

# tasks for setting up epelmasher

- name: install needed packages
  yum: pkg={{ item }} state=present
  with_items:
  - repoview
  tags:
  - packages

- name: install bodhi-epel-masher /etc/bodhi/bodhi.cfg file
  template: >
    src="bodhi-epel-masher.cfg.j2" 
    dest="/etc/bodhi/bodhi.cfg" 
    owner=masher 
    group=masher 
    mode=0600
  when: inventory_hostname.startswith('bodhi-backend02')
  notify:
  - reload httpd
  tags:
  - config

# tasklist for setting up jobrunner

- name: install bodhi-masher-jobrunner /etc/bodhi/bodhi.cfg file
  template: >
    src="bodhi-masher-jobrunner.cfg.j2" 
    dest="/etc/bodhi/bodhi.cfg" 
    owner=masher 
    group=masher 
    mode=0600
  when: inventory_hostname.startswith('bodhi-backend01')
  notify:
  - reload httpd
  tags:
  - config

#
# koji ssl cert for owner sync jobs below
#

- name: copy koji ssl cert for owner sync
  copy: src="{{ private }}/files/pkgdb_key_and_cert.pem" dest=/etc/pki/pkgdb/pkgdb.pem mode=600
  tags:
  - config

#
# cron job that syncs packages to koji
#
- name: put owner-sync-pkgdb in place
  template: src=owner-sync-pkgdb.j2 dest=/usr/local/bin/owner-sync-pkgdb mode=0755
  tags:
  - config

- name: sync packages from pkgdb2 to koji (el5)
  cron: name="owner-sync-el5" minute="7,17,27,37,47,57" user="root" 
        job="/usr/local/bin/owner-sync-pkgdb dist-5E-epel"
        cron_file=update-koji-owner-EL-5
        state=absent
  when: inventory_hostname.startswith('bodhi-backend01') and env == "production"

- name: sync packages from pkgdb2 to koji (el6)
  cron: name="owner-sync-el5" minute="7,17,27,37,47,57" user="root" 
        job="/usr/local/bin/owner-sync-pkgdb dist-6E-epel"
        cron_file=update-koji-owner-EL-6
        state=absent
  when: inventory_hostname.startswith('bodhi-backend01') and env == "production"
  
- name: sync packages from pkgdb2 to koji (epel7)
  cron: name="owner-sync-el5" minute="7,17,27,37,47,57" user="root" 
        job="/usr/local/bin/owner-sync-pkgdb epel7"
        cron_file=update-koji-owner-epel7
        state=absent
  when: inventory_hostname.startswith('bodhi-backend01') and env == "production"
  
- name: sync packages from pkgdb2 to koji (f20)
  cron: name="owner-sync-el5" minute="7,17,27,37,47,57" user="root" 
        job="/usr/local/bin/owner-sync-pkgdb f20"
        cron_file=update-koji-owner-f20
        state=absent
  when: inventory_hostname.startswith('bodhi-backend01')

#
# cron job that syncs updates to master mirror
#

- name: put fedora-updates-push in place
  copy: src=fedora-updates-push dest=/usr/local/bin/fedora-updates-push mode=0755
  tags:
  - config
  when: inventory_hostname.startswith('bodhi-backend01') and env == "production"

- name: put fedora-epel-push in place
  copy: src=fedora-epel-push dest=/usr/local/bin/fedora-epel-push mode=0755
  tags:
  - config
  when: inventory_hostname.startswith('bodhi-backend02') and env == "production"

- name: put update-fullfilelist in place
  copy: src=update-fullfilelist dest=/usr/local/bin/update-fullfilelist mode=0755
  tags:
  - config
  when: inventory_hostname.startswith('bodhi-backend01') and env == "production"

- name: Kill the bodhi1 Updates sync cron job. 
  cron: name="updates-sync" minute="15,45" user="ftpsync"
        job="/usr/local/bin/lock-wrapper fedora-updates-push '/usr/local/bin/fedora-updates-push && /usr/local/bin/update-fullfilelist fedora"
        cron_file=updates-sync
        state=absent
  when: inventory_hostname.startswith('bodhi-backend01') and env == "production"
  tags:
  - config

- name: Kill the bodhi1 epel Updates sync cron job. 
  cron: name="epel-updates-sync" minute="15,45" user="ftpsync"
        job="/usr/local/bin/lock-wrapper fedora-epel-push '/usr/local/bin/fedora-epel-push && /usr/local/bin/update-fullfilelist epel"
        cron_file=updates-sync
        state=absent
  when: inventory_hostname.startswith('bodhi-backend02') and env == "production"
  tags:
  - config

- name: directory sizes update cron job. 
  cron: name="directory-sizes-update" minute="30" hour="19" user="ftpsync"
        job="/usr/bin/find /srv/pub/alt/ /srv/pub/archive/ /srv/pub/fedora-secondary/ /srv/pub/fedora/ /srv/pub/epel/ -type d ! -path '/srv/pub/fedora/.snapshot*' ! -path '/srv/pub/epel/.snapshot*' ! -path '/srv/pub/alt/.snapshot*' ! -path '/srv/pub/archive/.snapshot*' ! -path '/srv/pub/fedora-secondary/.snapshot*' ! -path '/srv/pub/alt/stage*' ! -path '/srv/pub/alt/tmp' ! -path '/srv/pub/alt/screenshots/f21/source' | grep -v snapshot | /usr/bin/xargs -n 1 /usr/bin/du --exclude=.snapshot --exclude=stage -sh > /tmp/DIRECTORY_SIZES.txt 2> /dev/null; cp /tmp/DIRECTORY_SIZES.txt /srv/pub/"
        cron_file=directory-sizes-update
        state=absent
  when: inventory_hostname.startswith('bodhi-backend02') and env == "production"
  tags:
  - config

- name: setup cache directory for package signing by releng
  file: state=directory mode=770 owner=masher group=sysadmin-releng path=/var/cache/sigul
  tags:
  - config
